Security Affairs

JANUARY 26, 2023

The BlackCat Ransomware group claims to have hacked SOLAR INDUSTRIES INDIA and to have stolen 2TB of “secret military data.” The BlackCat Ransomware group claims to have breached the company infrastructure and to have stolen 2TB of data, including secret military data related to weapons production.

Military 92

Military Manufacturing Ransomware Mining 92

Security Affairs

FEBRUARY 18, 2021

PaloAlto Network warns of the WatchDog botnet that uses exploits to take over Windows and Linux servers and mine cryptocurrency. Security researchers at Palo Alto Networks uncovered a cryptojacking botnet, tracked as WatchDog, that is targeting Windows and Linux systems. Redis Spring Data Commons CVE-2018-1273, versions prior to 1.13-1.13.10,

Mining 143

Mining Cloud Access Security 143

Security Affairs

JULY 24, 2018

According to the Trend Micro blog , “We found a new exploit using port 5555 after detecting two suspicious spikes in activity on July 9-10 and July 15. […] Our data shows that the first wave of network traffic came mainly from China and the US, while the second wave primarily involved Korea.” Pierluigi Paganini.

Mining 51

Mining IoT Blockchain Risk 51

Security Affairs

JUNE 25, 2023

Researchers from Cyble Research and Intelligence Labs (CRIL) discovered a trojanized Super Mario Bros game installer for Windows that was used to deliver multiple malware, including an XMR miner, SupremeBot mining client, and the Open-source Umbral stealer. stream” to carry out cryptocurrency mining activities.” moneroocean[.]stream”

Mining 98

Mining Passwords IT Security 98

Krebs on Security

MARCH 7, 2022

“Big companies have too many secrets that they hold on to, thinking that this is their main value, these patents and data.” In 2020, researchers from Athens University School of Information Sciences and Technology in Greece showed (PDF) how ransomware-as-a-service offerings might one day be executed through smart contracts.

Ransomware 224

Ransomware Mining Blockchain Sales 224

Security Affairs

JANUARY 3, 2023

The RAT supports the following capabilities: Data exfiltration. Monero mining. While investigating multiple lures for BitRAT, the researchers discovered that a threat actor had hijacked the IT infrastructure of a Columbian cooperative bank and likely gained access to customers’ data. Execution of payloads with bypasses.

Mining 97

Mining Phishing Access IT 97

Security Affairs

MAY 3, 2024

“In the specific case of the compromised Ubiquiti EdgeRouters, we observed that a botnet operator has been installing backdoored SSH servers and a suite of scripts on the compromised devices for years without much attention from the security industry, allowing persistent access. ” reported Trend Micro.

Healthcare 112

Healthcare Phishing e-Discovery Mining 112

Security Affairs

FEBRUARY 21, 2024

A new malware campaign targets Redis servers to deploy the mining crypto miner Migo on compromised Linux hosts. Caro Security researchers have observed a new malware campaign targeting Redis servers with a crypto miner dubbed Migo. The attackers continue to improve their capability to exploit web-facing services.

Mining 120

Mining Honeypots Cloud Ransomware 120

Schneier on Security

NOVEMBER 9, 2018

The boundaries between research and grey data are blurring, making it more difficult to assess the risks and responsibilities associated with any data collection. Many sets of data, both research and grey, fall outside privacy regulations such as HIPAA, FERPA, and PII.

Privacy 86

Privacy Data collection Security Mining 86

Security Affairs

MARCH 28, 2022

Link to the stolen data from the company have been published on the leak site DDoSecrets. RostProektLeak hacked by Anonymous Delete the *—— [link] @YourAnonRiots @YourAnonNews @YourAnonTV @AnonymousVideo pic.twitter.com/NoPRPmy18S — 0PS INFORMATION | WORLD HUMANITY | (@NewAnon0ps) March 27, 2022. Pierluigi Paganini.

Mining 98

Mining Manufacturing Government IT 98

Security Affairs

MAY 14, 2023

Initially, they deployed and executed a separate Monero miner alongside the usual RapperBot binary, but starting from January 2023, they included the mining capabilities in the bot. These samples included new code for information gathering and data exfiltration. ” reads the report published by Fortinet.

Mining 98

Mining IoT Passwords Authentication 98

Security Affairs

JULY 7, 2022

Researchers uncovered a large-scale cryptocurrency mining campaign targeting the NPM JavaScript package repository. Checkmarx researchers spotted a new large-scale cryptocurrency mining campaign, tracked as CuteBoi , that is targeting the NPM JavaScript package repository. ” concludes the experts. Pierluigi Paganini.

Mining 124

Mining Security IT Information Security 124

Security Affairs

JANUARY 10, 2021

The TeamTNT botnet is a crypto-mining malware operation that has been active since April 2020 and that targets Docker installs. The activity of the TeamTNT group has been detailed by security firm Trend Micro, but in August experts from Cado Security discovered that that botnet is also able to target misconfigured Kubernetes installations.

Mining 141

Mining Metadata Authentication Security 141

Security Affairs

OCTOBER 23, 2021

CISA warned of crypto-mining malware hidden in a popular JavaScript NPM library, named UAParser.js, which has millions of weekly downloads. Cybersecurity and Infrastructure Security Agency published an advisory to warn of the discovery of a crypto-mining malware in the popular NPM Package UAParser.js. ” reads the advisory.

Mining 143

Mining Libraries Cybersecurity Security 143

Krebs on Security

JUNE 18, 2021

NYSE:FAF ] was leaking more than 800 million documents — many containing sensitive financial data — related to real estate transactions dating back 16 years. Securities and Exchange Commission settled its investigation into the matter after the Fortune 500 company agreed to pay a paltry penalty of less than $500,000.

Insurance 286

Insurance Risk Financial Services Mining 286

Security Affairs

SEPTEMBER 30, 2021

Trend Micro researchers have spotted crypto-mining campaigns that are actively exploiting a recently disclosed critical remote code execution vulnerability in Atlassian Confluence deployments across Windows and Linux. SecurityAffairs – hacking, cryptocurrency mining). reads the advisory published by the company. Pierluigi Paganini.

Mining 106

Mining Authentication Marketing Security 106

Schneier on Security

OCTOBER 16, 2018

Wildlife crime syndicates can not only coordinate better but can mine growing public data sets, often of geotagged images. Animal data protection laws, where they exist at all, are oblivious to these new threats, and no-one seems to have started to think seriously about information security. Video here.

Privacy 86

Privacy Mining Information Security Security 86

Security Affairs

DECEMBER 25, 2021

The resource contains information for the mining activity, the researchers identified a self-compiled version of the XMrig open-source miner containing information such as username, password, algorithm, and mining pool.

Mining 101

Mining Passwords IT Security 101

Security Affairs

JANUARY 4, 2023

The shc downloader subsequently proceeds to fetch the XMRig miner software to mine cryptocurrency, with the IRC bot capable of establishing connections with a remote server to fetch commands for mounting distributed denial-of-service (DDoS) attacks. ” reads the report published by ASEC. ” continues the report.

Mining 98

Mining Passwords Access Security 98

Security Affairs

JANUARY 25, 2021

. “These particular applications are targeted because they often run on systems that have powerful underlying hardware with significant amounts of memory and powerful CPUs—all of which allow threat actors to maximize their ability to monetize these resources through mining cryptocurrency.” Ransomware, data theft).

Mining 143

Mining Passwords Communications Ransomware 143

Security Affairs

AUGUST 29, 2019

card issuer and financial corporation suffered a data breach that exposed personal information from 106 million Capital One credit applications. THOMPSON used this access not only to steal data, but also used stolen computer power to “mine” cryptocurrency for her own benefit, a practice known as “ cryptojacking.””

Mining 85

Mining Cloud Data breaches Access 85

Security Affairs

JANUARY 8, 2023

rail and locomotive company Wabtec hit with Lockbit ransomware Synology fixes multiple critical vulnerabilities in its routers Canadian Copper Mountain Mining Corporation (CMMC) shut down the mill after a ransomware attack BitRAT campaign relies on stolen sensitive bank data as a lure Does Volvo Cars suffer a new data breach?

Security 94

Security Ransomware Mining Data breaches 94

Security Affairs

DECEMBER 13, 2021

Microsoft has observed activities including installing coin miners, Cobalt Strike to enable credential theft and lateral movement, and exfiltrating data from compromised systems.” Please see the Information Leaks section for more information.” ” reads the analysis published by Microsoft.

Mining 127

Mining Honeypots Libraries IT 127

Security Affairs

SEPTEMBER 22, 2022

Redis, is a popular open source data structure tool that can be used as an in-memory distributed database, message broker or cache. This may allow hackers to gain server privileges, delete or steal data, or even lead to an encryption extortion, critically endangering normal business services.” SecurityAffairs – hacking, mining).

Mining 109

Mining Data structuring Business Services Encryption 109

Security Affairs

MARCH 19, 2023

Much ado about nothing Cisco fixed CVE-2023-20049 DoS flaw affecting enterprise routers Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs – hacking, newsletter) The post Security Affairs newsletter Round 411 by Pierluigi Paganini appeared first on Security Affairs.

Security 93

Security Ransomware Mining Phishing 93

Security Affairs

MARCH 11, 2023

The crypto-mining botnet has a modular structure and employs multiple techniques to infect systems and evade detection. Then the main module retrieves the actual crypto-mining payload and other modules, it also establishes persistence on the infected systems and ensure C2 communications. ” reads the post published by Cisco Talos.

Mining 98

Mining Communications Security IT 98

Security Affairs

JUNE 9, 2020

The company manufactures a variety of heavy equipment (bulldozers, dump trucks, hydraulic excavators, wheel loaders, rope shovels, walking draglines, motor graders and scrapers), such as that used for earthmoving, transport and mining. According to the researchers, the data breach has occurred in May 2020 and the data was published on May 25.

Data breaches 80

Data breaches Mining Passwords Marketing 80

Security Affairs

MARCH 20, 2024

In other instances analyzed by Trend Micro, threat actors deployed a variant of the open-source XMRig cryptocurrency-mining malware to vulnerable TeamCity servers. In March, researchers from GuidePoint Security observed BianLian ransomware exploiting vulnerabilities in JetBrains TeamCity software in recent attacks.

Authentication 127

Authentication Ransomware Mining Risk 127

Security Affairs

JUNE 3, 2022

Atlassian warned of an actively exploited critical unpatched remote code execution flaw (CVE-2022-26134) in Confluence Server and Data Center products. “Atlassian has been made aware of current active exploitation of a critical severity unauthenticated remote code execution vulnerability in Confluence Data Center and Server.

Mining 143

Mining Authentication Security Cybersecurity 143

Hunton Privacy

JUNE 10, 2019

On May 28, 2019, the Cyberspace Administration of China (“CAC”) released draft Data Security Administrative Measures (the “Measures”) for public comment. The Measures cover 40 articles in total, divided among four chapters, that address data collection, processing and use and data security.

Security 53

Security Data breaches Data collection Cybersecurity 53

Security Affairs

SEPTEMBER 25, 2022

builder Over 39K unauthenticated Redis services on the internet targeted in cryptocurrency campaign Hackers stole $160 Million from Crypto market maker Wintermute U.S. gov adds more Chinese Telecom firms to the Covered List Imperva blocked a record DDoS attack with 25.3

Security 96

Security Mining Data breaches Encryption 96

Security Affairs

NOVEMBER 18, 2020

. “Chaes specifically targets the Brazilian website of e-commerce company MercadoLivre and its payment page MercadoPago to steal its customers’ financial information. information stealer that exfiltrates data using the node process.” bin, researchers also observed the use of a cryptocurrency mining module. .

Phishing 124

Phishing Mining Libraries Encryption 124

Security Affairs

JANUARY 21, 2024

Admin of the BreachForums hacking forum sentenced to 20 years supervised release Russia-linked Midnight Blizzard APT hacked Microsoft corporate emails VF Corp December data breach impacts 35 million customers China-linked APT UNC3886 exploits VMware zero-day since 2021 Ransomware attacks break records in 2023: the number of victims rose by 128% U.S.

Security 113

Security e-Discovery Artificial Intelligence Ransomware 113

Security Affairs

APRIL 15, 2022

The crimeware allows operators to steal information from infected systems and abuse its resources to mine Monero. The malicious code is able to harvest system metadata and information stored by popular web browsers, including Google Chrome, Mozilla Firefox, Opera, and Opera GX. ” concludes the experts.

Mining 95

Mining Metadata Cybersecurity IT 95

Security Affairs

AUGUST 8, 2019

Avast spotted a new strain of Clipsa malware that is used to mine and steal cryptocurrencies along with carrying out brute-force attacks on WordPress sites. Clipsa is a malware that is well known to cyber security community is able to steal cryptocurrency via clipoard hijacking and mine cryptocurrency after installing a miner. .

Mining 97

Mining Passwords IT Security 97

Security Affairs

SEPTEMBER 13, 2019

A new cryptocurrency-mining botnet tracked as WatchBog is heavily using the Pastebin service for command and control (C&C) operations. Cisco Talos researchers discovered a new cryptocurrency -mining botnet tracked as WatchBog is heavily using the Pastebin service for command and control. ” continues Talos.

Mining 87

Mining IT Security Information Security 87

Security Affairs

MAY 27, 2021

The tools associated with this attack are: • Mimikatz (credential theft) • MinerGate (crypto mining) • WinPEAS (privilege escalation) • SharpWMI (Windows Management Instrumentation) • BitLocker activation when not anticipated (data encryption) • WinRAR where not expected (archiving) • FileZilla where not expected (file transfer).

Government 127

Government Mining Archiving Encryption 127